Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hijackers and Trojans! Help


  • Please log in to reply
1 reply to this topic

#1 emperative

emperative

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:36 PM

Posted 29 October 2015 - 01:41 AM

Hello,

 

I'm pretty sure that hijackers have remote control ability of my laptop. For the past few days my lptp has been running unusually slow. Also for the past two days my webcam light at the top of the screen had been coming on and staying on for hours. I looked in my task manager to kill the camera and did not see it running. I even deleted the webcam app that came with this lptp to kill it and the light still comes on. Then yesterday while in Chrome all of my tabs started flickering and the lptp froze until i shut it down. When I reopened I could see someone was accessing control settings, a dialog box popped up asking about audio settings, and it seems they had turned on the audio command for the blind to have all keyboard moves vocalized. So im guessing they couldnt see so needed to hear what i was doing? Then it started to read out the website i was on which was Amazon! The lptp again started freezing as I struggled to gain control and prevent take over of my lptp. Different items began to be moved around by another cursor.

 

So I ran a few antiviruses.  It is hard to know which one I have.  I know that there has got to be many on here. I ran Anvi smart defender which told me I had 65 malicious extensions. Unfortunately, I don't know if it was the hijackers, but it took almost a day to run the complete Full scan for some odd reason.  On the next day just as I was approaching 70% scan completion. The system froze out and threw me out in the middle of the scan. When I clicked back on the software to run again, no log info was saved and it started a bit faster but this time saying I had NO malicious extensions or trojans.  What happened to the 65 it had already picked up? Anyway, I've run a few other softwares picking up those that I find and deleting/quarantining.  So far I found this one  Trojan.GenericKD.2795078, Riskware.Win32.HackTool, and something under a file called 'Searchprotect'  which has been deleted. My computer has become a bit faster and the webcam light has not been on since. I think I may have downloaded something that let this in -But What can I do!? This is weird and creepy!

Thanks!



BC AdBot (Login to Remove)

 


#2 shelf life

shelf life

  • Malware Response Team
  • 2,646 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:03:36 AM

Posted 01 November 2015 - 11:50 AM

hi emperative,

 

If you still need help you can do two things. First download and run the free version of Malwarebytes. Second create a log with FRST and copy/paste the logs in your reply.

 

Iam usually only on this site once or twice per day so you may not get a response back from me until the following day.

 

1)  Please download Malwarebytes Anti-Malware 2.0.3.1025 Final to your desktop.

     http://data-cdn.mbamupdates.com/v2/mbam/consumer/data/mbam-setup-2.0.3.1025.exe
 

    Double-click mbam-setup-2.0.3.1025.exe and follow the prompts to install the program.
    At the end, be sure a checkmark is placed next to the following:
        Launch Malwarebytes Anti-Malware
        A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish     the scanning and removal  capabilities of the program.
    Click Finish.
    On the Settings tab > Detection and Protection subtab, Detection Options, tick the box 'Scan for rootkits'.
    Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
    A Threat Scan will begin.
    With some infections, you may see this message box.
        'Could not load DDA driver'
    Click 'Yes' to this message, to allow the driver to load after a restart.
    Allow the computer to restart. Continue with the rest of these instructions.
    When the scan is complete, click Apply Actions.
    Wait for the prompt to restart the computer to appear, then click on Yes.
    After the restart once you are back at your desktop, open MBAM once more.
    Click on the History tab > Application Logs.
    Double click on the scan log which shows the Date and time of the scan just performed.
    Click 'Copy to Clipboard'
    Paste the contents of the clipboard into your next reply here.

 

2) After the above check this topic below and start at Step 6 on how to download, use and post a FRST log. The FRST log will provide additional info about any potential malware. Please copy/paste the log in your next reply.

     http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools- and-requesting-help/

 

Then we can continue from there.


How Can I Reduce My Risk to Malware?





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users